Secure 4-channel Wireless Switch for Smart Home With Lots of Features

In this tutorial, you'll learn how to build a secure 4-channel wireless switch for the smart home. The security of this device based on four pillars:
1) Attacker doesn't know the MAC address of the receiver;
2) Attacker doesn't know the keys;
3) Each IV is encrypted with its own key;
4) Attacker doesn't know the IVs.

Now, let me explain what it means:
1) There's no way to send any instructions to the device if an attacker doesn't know where to send it;
2) Even if an attacker will discover the MAC address, an attacker will still need three keys and three IVs.
3) Even if one key gets compromised, an attacker will still have to guess the other two.
4) Even if an attacker will obtain the MAC address of the receiver and all three keys. An attacker will still need to guess all three IVs. There are 10 to the power of 24 (1,000,000,000,000,000,000,000,000) possible combinations, and let's be honest, this, is a big number.

Features:

• Encrypted communication channel
• Invulnerability to the replay attacks
• Counter of the unsuccessful attempts to interact with the device
• Each IV encrypted with its own key
• Using SPIFFS to store the IVs
• Possibility to enormously expand the number of channels by connecting up to 253 Arduinos
• Easy-to-use

• ESP8266 x2
• Arduino Nano/Uno/Compatible board x1
• 4-relay module x1
• TM1637 display x1
• 4.7K resistors x4
• Buttons x4
• 5V power supplies x2
• Bunch of wires

If you've never flashed ESP8266 before you'll need to configure Arduino IDE and install drivers to upload the firmware to the boards, you can find drivers here:

CH340 driver: https://sparks.gogo.co.nz/ch340.html

CP210x driver: https://www.silabs.com/developers/usb-to-uart-brid...

In case you don't have Arduino IDE, you can download it here:

https://www.arduino.cc/en/software/

Configuring IDE isn't a part of this tutorial, you can read about it here:

https://randomnerdtutorials.com/how-to-install-esp...

To get the MAC address of the board upload this code to the board.

#include <ESP8266WiFi.h>

void setup(){

Serial.begin(115200);

Serial.println();

Serial.print("ESP Board MAC Address:  ");

Serial.println(WiFi.macAddress());

}

void loop(){

}

Then open the serial monitor, and reboot the board.

If done correctly, you should see the MAC address in the console.

The MAC address of this board is 40:F5:20:33:9A:F5

You can download the firmware here: https://github.com/Northstrix/Secure_4-channel_Wir...

DES: https://github.com/fcgdam/DES_Library

AsyncTCP: https://github.com/me-no-dev/AsyncTCP

Software Serial: https://github.com/PaulStoffregen/SoftwareSerial

ESP Software Serial: https://github.com/plerup/espsoftwareserial

GyverBUS: https://github.com/AlexGyver/GyverLibs/releases/do...

TM 1637: https://github.com/Seeed-Studio/Grove_4Digital_Dis...

The process of unpacking libraries BESIDES GyverBUS is typical. Just unpack the content of the archive into the folder: ...\Arduino\libraries.

GyverBus library has to be extracted into two folders with sketches.

You can learn more about the GyverBUS library here: [It's in Russian language] https://alexgyver.ru/gyverbus/

The purpose of the Initialization Vector is to prevent the replay attack.
I've decided to use three IVs to make it even harder to implement the replay attack.
There are lots of methods to generate a random number. I've decided to throw 20-sided dice to do this. Every time I was getting a number with two digits, I was writing down the last digit.

By the way, involving your pets in the IV generation process can add more randomness.

Eventually, I've generated these three 8-digit numbers:
48391741
51206333
60692408

Note that every time you're pressing the button, each IV increases by one.
The maximum value of IV is 99999999.
If you've generated something more than 99000000, I would advise you to either change the first digit or generate the new IV.

Open the sketch in the folder Secure_4-channel_Wireless_Switch-main\IVs.
Find Strings fiv, siv, tiv, and replace the values there with your 8-digit IVs. Then upload this sketch to both ESPs. After you've uploaded the sketch open the Serial Monitor, you should see your IVs there.

You can throw dice or use "dice throwing software" or hash the picture. I've decided to hash the photo because this is the quickest method.

To make it easier, copy this array three times and replace Fs with your values.

Note that the key is in hexadecimal format.

  byte key[] = { 
                  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
                  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
                  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
                };

I've used this photo as an input: https://images.pexels.com/photos/8538496/pexels-ph..

Hashed it here: https://md5file.com/calculator

And obtained this output:

1c1152b89a61eb609e55059de57e38e98a2bf76ad98c5c5658f451c53364c76f8c4d0792faf54339cdc54453150aea21402e58d8109985992740292405e01d99

Open the sketch in the folder
\Secure_4-channel_Wireless_Switch-main\Secure_4-channel_Wireless_Switch_Receiver.
Replace the three keys in this sketch with the ones you've generated.

Open the sketch in the folder \Secure_4-channel_Wireless_Switch-main\Secure_4-channel_Wireless_Switch_Transmitter. Replace the receiver's MAC address with the one you've obtained from the step 2, and then replace the three keys in this sketch with the ones you've generated in the same order you did in the previous step.

I know you might think it's unnecessary, but please don't neglect this step.

Make sure that the keys in both sketches are matching. Otherwise, the device will not work.

I've included both schematic and circuit diagrams to make it easier for you.

Important note: Don't flash the transmitter before you've assembled the circuit. Otherwise, the transmitter will transmit a bunch of packets to nowhere, causing the IVs to increase to more than 49 without a receiver storing these IVs.

The receiver will only accept the IVs which are more than the stored ones, but no more than the stored IVs + 50.

After you've built the circuit, upload the firmware from the folder
\Secure_4-channel_Wireless_Switch-main\Secure_4-channel_Wireless_Switch_Transmitter
into the transmitter board.

Upload the firmware from the folder
/Secure_4-channel_Wireless_Switch-main\Secure_4-channel_Wireless_Switch_Receiver
into the receiver board.

Upload the firmware from the folder
/Secure_4-channel_Wireless_Switch-main\Secure_4-channel_Wireless_Switch_Arduino
into the Arduino.

Since the schematic depiction of a 4-relay module doesn't exist, I've only added a circuit diagram.

Let's suppose that the attacker somehow discovered the MAC address of the device.
Every time there's an unsuccessful attempt to attack the device, the number in the display will increment.

You don't need to connect anything to the trash sender aside from the power supply.

I did my best to make this device as secure as possible. At least it's invulnerable to the brute force attack and protected from the replay attack. There might be ways to crack this device using more sophisticated techniques than brute force, but most of those techniques are only available to world-class hackers or government agencies.
So, I wouldn't be worrying about the light in the room suddenly turning on in the middle of the night.

Thank you for reading this tutorial.